bn8/check_slapdd_crc32
1
0
Fork 0
Code Issues Pull requests Projects Releases 3 Wiki Activity Actions

Initial version

Browse source
This commit is contained in:
Benjamin Renard 2020-07-03 17:19:54 +02:00
commit e5532b4740
3 changed files with 189 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
*~
.*.swp

39
README.md Normal file
View file

@ -0,0 +1,39 @@
# OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
This script permit to check (and eventually fix) CRC32 value of the LDIF files of OpenLDAP slapd.d configuration directory.
## Requirements
This script only used common __python3__ modules _(no additionnal package to install on Debian based systems)_.
## Usage
```
usage: check_slapdd_crc32 [-h] [-d] [-v] [-l LOGFILE] [-C] [-f]
[-p SLAPDD_PATH]
optional arguments:
-h, --help show this help message and exit
-d, --debug Show debug messages
-v, --verbose Show verbose messages
-l LOGFILE, --log-file LOGFILE
Log file path
-C, --console Also log on console (even if log file is provided)
-f, --fix Fix CRC32 value in LDIF files
-p SLAPDD_PATH, --path SLAPDD_PATH
Default slapd.d directory path (default:
/etc/ldap/slapd.d)
```
## Copyright
Copyright (c) 2014-2019 Benjamin Renard
## License
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

148
check_slapdd_crc32 Executable file
View file

@ -0,0 +1,148 @@
#!/usr/bin/python3
"""
OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
"""
import argparse
import binascii
import logging
import os
import re
import sys
default_slapdd_path = '/etc/ldap/slapd.d'
### MAIN ####
parser = argparse.ArgumentParser()
parser.add_argument(
'-d', '--debug',
action='store_true',
help='Show debug messages'
)
parser.add_argument(
'-v', '--verbose',
action='store_true',
help='Show verbose messages'
)
parser.add_argument(
'-l',
'--log-file',
action="store",
type=str,
dest="logfile",
help="Log file path"
)
parser.add_argument(
'-C', '--console',
action='store_true',
help='Also log on console (even if log file is provided)'
)
parser.add_argument(
'-f', '--fix',
action='store_true',
help='Fix CRC32 value in LDIF files'
)
parser.add_argument(
'-p', '--path',
action='store',
type=str,
dest='slapdd_path',
help='Default slapd.d directory path (default: %s)' % default_slapdd_path,
default=default_slapdd_path
)
options = parser.parse_args()
# Initialize log
log = logging.getLogger()
logformat = logging.Formatter("%(asctime)s - " + os.path.basename(sys.argv[0]) + " - %(levelname)s - %(message)s")
if options.debug:
log.setLevel(logging.DEBUG)
elif options.verbose:
log.setLevel(logging.INFO)
else:
log.setLevel(logging.WARNING)
if options.logfile:
logfile = logging.FileHandler(options.logfile)
logfile.setFormatter(logformat)
log.addHandler(logfile)
if not options.logfile or options.console:
logconsole = logging.StreamHandler()
logconsole.setFormatter(logformat)
log.addHandler(logconsole)
def check_file(dir_path, file_name):
"""
Check CRC32 of an LDIF file
:param dir_path: The directory path
:param file_name: The file name
"""
path = os.path.join(dir_path, file_name)
lines = []
current_crc32 = None
try:
with open(path, 'rb') as fd:
for line in fd.readlines():
if line.startswith(b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.'):
logging.debug('%s: AUTO-GENERATED line detected, pass (%s)', path, line)
continue
if line.startswith(b'# CRC32 '):
logging.debug('%s: CRC32 line detected, retreive current CRC32 value (%s)', path, line)
current_crc32 = re.match('^# CRC32 (.*)$', line.decode()).group(1)
logging.debug('%s: current CRC32 found is "%s"', path, current_crc32)
continue
lines.append(line)
except IOError as err:
logging.error('%s: fail to read file content (%s)', path, err)
return False
crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1<<32))).lower()
if current_crc32:
if current_crc32 == crc32:
log.info('%s: current CRC32 value is correct (%s)', path, crc32)
else:
log.warning('%s: invalid CRC32 value found (%s != %s)', path, current_crc32, crc32)
fix_crc32(path, crc32, lines)
else:
log.warning('%s: no CRC32 value found. Correct CRC32 value is "%s".', path, crc32)
fix_crc32(path, crc32, lines)
return True
def fix_crc32(path, crc32, lines):
"""
Fix CRC32 value of an LDIF file
:param path: The file path
:param crc32: The CRC32 value of the file
:param lines: Array of file lines without headers
"""
if not options.fix:
return True
try:
with open(path, 'wb') as fd:
lines = [b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n', b'# CRC32 %s\n' % crc32.encode()] + lines
for line in lines:
fd.write(line)
except IOError as err:
logging.error('%s: fail to write new file content (%s)', path, err)
return False
return True
log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path)
for dirpath, dnames, fnames in os.walk(options.slapdd_path):
log.debug('%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames))
for fname in fnames:
if fname.endswith('.ldif'):
check_file(dirpath, fname)